Cybercriminal group Storm-1865 is deploying social-engineering attacks on hospitality businesses, using a method known as “ClickFix”, where victims receive fake error or system notifications. Following the attackers’ instructions, victims either visit a malicious website or download malware directly. The criminals impersonate Booking.com to prompt users to provide financial details and login credentials. The Microsoft security research team points out this tactic has enabled Storm-1865 to evade many antimalware tools.

United States Charges Developer of LockBit Ransomware Group
Rostislav Panev, a 51-year-old dual Russian-Israeli national, has been extradited to the U.S. for his role as a developer in the LockBit ransomware group. Arrested